Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpcoin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0946
SQL injection vulnerability in phpCoin 1.2.1b and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering...
Coinsoft Technologies Phpcoin 1.2
Coinsoft Technologies Phpcoin 1.2.1
Coinsoft Technologies Phpcoin 1.2.1b
NA
CVE-2006-4424
PHP remote file inclusion vulnerability in coin_includes/constants.php in phpCOIN 1.2.3 allows remote malicious users to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter.
Coinsoft Technologies Phpcoin 1.2.3
1 EDB exploit
NA
CVE-2006-4425
Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote malicious users to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter in coin_includes scripts including (1) api.php, (2) common.php, (3) core.php, (4) custom.php, (5) db.php, (6) red...
Coinsoft Technologies Phpcoin 1.2.3
1 EDB exploit
NA
CVE-2005-4213
SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the phpcoinsessid cookie.
Coinsoft Technologies Phpcoin 1.2.2
1 EDB exploit
NA
CVE-2005-4211
PHP remote file inclusion vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote malicious users to execute arbitrary PHP code via a URL in the $_CCFG[_PKG_PATH_DBSE] variable.
Coinsoft Technologies Phpcoin 1.2.2
1 EDB exploit
NA
CVE-2005-4212
Directory traversal vulnerability in coin_includes/db.php in phpCOIN 1.2.2 allows remote malicious users to read arbitrary local files via ".." (dot dot) sequences in the $_CCFG[_PKG_PATH_DBSE] variable.
Coinsoft Technologies Phpcoin 1.2.2
1 EDB exploit
NA
CVE-2005-4214
phpCOIN 1.2.2 allows remote malicious users to obtain the installation path via a direct request to config.php, which leaks the path in an error message because the _CCFG['_PKG_PATH_DBSE'] variable is not defined.
Coinsoft Technologies Phpcoin 1.2.2
NA
CVE-2005-4447
SQL injection vulnerability in articles\articles_funcs.php in phpCOIN 1.2.2 allows remote malicious users to modify SQL syntax and possibly execute SQL in limited circumstances via the rec_next parameter. NOTE: the original disclosure suggests that command injection is not feasib...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2